Home Library Learn Samples Downloads Support Community Forums
0 out of 8 rated this helpful - Rate this topic

Code Sample: Windows Phone 7 Application

Published: April 7, 2011

Updated: February 28, 2013

Applies To: Windows Azure

This sample illustrates how a Windows Phone 7 Silverlight application can use Windows Azure Active Directory Access Control (also known as Access Control Service or ACS) to call a Representational State Transfer (REST) service.

In the sample, a directory service that returns a list of contact information is hosted locally. The phone application is then used to access this service. Users are able to authenticate to the service by signing into one of the identity providers you configure in the Access Control namespace. The code for this sample is located in the Acs2WindowsPhoneSample (C#\WebServices\Acs2WindowsPhoneSample) subdirectory of the Windows Azure Active Directory Access Control (ACS) Code Samples package.

Prerequisites

To run this sample you will need:

  1. Visual Studio 2010 (any version)

  2. Windows Phone Developer Tools RTW (http://go.microsoft.com/fwlink/?LinkId=185968)

  3. Windows Identity Foundation Runtime (http://support.microsoft.com/?kbid=974405)

  4. Silverlight 4 Tools for Visual Studio (http://go.microsoft.com/fwlink/?LinkId=201842)

  5. Internet Information Services (IIS) with ASP.NET and IIS 6 compatibility enabled

For more details, See ACS Prerequisites (http://go.microsoft.com/fwlink/?LinkId=221065) for more details.

Configuring the Sample

The ACS configuration required for this sample can be performed using either the ACS Management Portal or the ACS Management Service. This topic describes both options.

  1. Option 1: Configuring the sample in the ACS Management Portal

  2. Option 2: Configuring the sample by using the ACS Management Service

Option 1: Configuring the Sample in the ACS Management Portal

To configure the sample using the ACS Management Portal

  1. Go to the Windows Azure Management Portal, sign in, and then click Active Directory.

  2. To create an Access Control namespace, click New, click App Services, click Access Control, and then click Quick Create. (Or, click Access Control Namespaces before clicking New.)

  3. To manage an Access Control namespace, select the namespace, and then click Manage. (Or, click Access Control Namespaces, select the namespace, and then click Manage.)

    This action opens the Access Control Service management portal.

  4. To establish relationships with the identity providers you would like the users of your website to use when logging in, click Identity providers and add Yahoo! and Google.

  5. To register your application with ACS, click Relying party applications, select Add, enter the following information in the form, and then click Save.

    • In the Name field, enter a display name for your site.

    • In the Realm field, enter the base URL of your site, for example, http://ContosoContacts/

    • In the Return URL field, enter the URL that ACS will return the security token to, for example, http://localhost:9000/Default.aspx

    • Select SWT from the Token format drop-down list box.

    • In the Identity Providers field, select the identity providers that you want to support on your site.

    • In the Token Signing Key field, click Generate to create a token signing key. Copy this key for use later in the plugin configuration.

    • In the Expiration Date field, enter an appropriate expiration date for the key. The key will no longer be valid on this date.

    • Leave the other fields at their default values.



  6. With your relying party application registered, it is now time to create the rules that determine the claims that ACS will issue to your application. In this sample, we will pass through all claims issued by the identity provider. To create this rule, click Rule groups, click Default Rule Group for ContosoContacts, and then click Generate. Verify that the Yahoo!, Google, and Windows Live ID (Microsoft account) identity providers are selected, click Generate, and then click Save.

Option 2: Configuring the Sample by Using the ACS Management Service

The Visual Studio sample solution contains a console application named ConfigureSample that uses the ACS Management Service and the common helpers defined in the Common class library. This application can be used to configure your Access Control namespace for use with this sample.

To configure the sample by using the ACS Management Service

  1. To configure the sample, open SamplesConfiguration.cs (acs\Management\ManagementService\Common). Replace the placeholders in the SamplesConfiguration class in the Common class library with information about your Access Control namespace. You can find the information in the ACS Management Portal.

    To navigate to the ACS Management Portal: Go to the Windows Azure Management Portal, sign in, and then click Active Directory. To manage an Access Control namespace, select the namespace, and then click Manage. (Or, click Access Control Namespaces, select the namespace, and then click Manage.)

    • ServiceNamespace - Enter the name of your Access Control namespace.

    • ManagementServiceIdentityName - Enter the name of an ACS management service account. The default is ManagementClient.

      To find the management service account name, in the ACS Management Portal, click Management service. The accounts are listed by name under Management Service Accounts.

    • ManagementServiceIdentityKey - Enter the password for the management service account.

      To find the management service account password, in the ACS Management Portal, click Management service. Click the name of a management service account, and then, under Credentials, click Password. The password appears in the Password field. To copy the password, click Show Password.

  2. Run the ConfigureSample application in Visual Studio, which will configure ACS to run this sample.

  3. When the ConfigureSample application completes, it will output the generated relying party signing key to the console. Copy this key to the clipboard.

Running the Phone App Sample

To run the phone app sample

  1. Open the ContosoContactsApp.sln sample in administrator mode in Visual Studio.

  2. In the CustomerInformationService project, open the Web.config file and make the following modifications:

    • Set the value for IssuerIdentifier by replacing Service Namespace with the name of the Access Control namespace that you configured in ACS, for example, Contoso.

    • Set the ServiceKey to be the token signing key that you generated as part of your relying party application configuration.

  3. In the ContosoContactsApp project, open SignIn.xaml and make the following modifications:

    • Set the Access Control namespace under AccessControlServiceSignIn by replacing [Service Namespace] with the name of your Access Control namespace, for example, Contoso.

    • Verify the value of Realm. You do not need to update it. In the sample code, it has already been set to the value that you specified above in your relying party application configuration: http://ContosoContacts/.

  4. Press F5 to start the application. When the Windows Phone emulator starts, the Contoso Contacts application will load.

  5. Click the Sign In hyperlink. This will navigate to the Sign In page, hosted in the Silverlight application.

  6. Click one of the identity providers from the list.

  7. Sign in to the identity provider. After signing in to the identity provider, ACS will issue a token that is used to authenticate to the contact service.

  8. The sample will persistently store the token. This allows the service to be called multiple times across invocations of the application. The token can be cleared by clicking the Sign Out link on the application bar at the bottom of the application.

Did you find this helpful?
(1500 characters remaining)
© 2013 Microsoft. All rights reserved.
|
Site Feedback
© 2013 Microsoft. All rights reserved.